And even if they were...? Linux still has far fewer pieces of malware written for it than Windows ever did.

Well, Linux doesn't have that much malware written for it for the EXACT reason that these kinds of users largely don't exist on the Linux platform. Why write malware for dumb users to install, if dumb users aren't using the platform? By and large, dumb users don't run servers, so the popularity of Linux as a server platform is irrelevant when comparing how much malware exists for Linux vs Windows.

I have little doubt that if Linux / Windows had an equal amount of dumb users behind the wheel and an equal amount of malware written for them, there'd probably still be more exploits on Windows, but Linux wouldn't exactly be immune either.

Whatever the case, the reality remains the same. Windows has always been, and still is, the low hanging fruit--ever since it took over DOS' market share. And it has traditionally been poorly designed, just like its pathetic predecessor. Coincidence? Not saying that Linux or any other OS for that matter is perfect, but if I were to be browsing porn, you could be damn well sure I'd be doing it on any mainstream OS *besides* Windows.

It's like wearing a rubber... the viruses may possibly be there, but you're less likely to "send" or "receive" them and become infected. Windows at one point offered the protection of nothing at all, but now I'd say it offers the protection of a cheap, generic type of condom. Meanwhile, Linux and BSD have proven themselves over and over, while Windows' nuts and bolts (heh heh) were finally tightened to a more acceptable level with Vista.

"And even if they were...? Linux still has far fewer pieces of malware written for it than Windows ever did.

Well, Linux doesn't have that much malware written for it for the EXACT reason that these kinds of users largely don't exist on the Linux platform. Why write malware for dumb users to install, if dumb users aren't using the platform? By and large, dumb users don't run servers, so the popularity of Linux as a server platform is irrelevant when comparing how much malware exists for Linux vs Windows. I have little doubt that if Linux / Windows had an equal amount of dumb users behind the wheel and an equal amount of malware written for them, there'd probably still be more exploits on Windows, but Linux wouldn't exactly be immune either. "

Depends on what you mean by a "Linux platform". Linux is dominant in embedded system (e.g. TVs, media players), in mobile devices (e.g. phones, tablets), on many types of server (e.g. NAS, web server, mail server), on netwrok infrastructure devices and on supuercomputers. Linux does not however have a significant presence on desktops (although the exact installed base of Linux here is very difficult to determine). In any event, many of the machines on which Linux does run are high-value targets. For example, Google runs a million Linux servers, and Linux runs the London Stock Exchange.

Yet there exists very little malware which targets Linux, despite the high value of many of the target machines.

So ... how to eveluate? Perhaps the best method is to do a rough "risk assessment" type of approach. Factor in the diversity of Linux systems (versus the monoculture of Windows), the relative scarcity of desktop Linux, the relative difficulty of targetting Linux, the relative lack of threats against Linux compared to the superabundance of threats against Windows, the normal practice on Linux of running as a restricted users, the security of the repository/package manager system of software distribution vs the Windows practice of downloading & installing unsigned binary packages, execute permissions within the filesystem, no media autorun, SELinux, etc, etc ...

A rough estimate could perhaps be calculated that the system of an ordinary user on the Internet running Windows in typical usage patterns would perhaps be 10 million times (10^7) more likely to get a malware infection than the same user running Linux.